database-cloud-optimization-cost-optimize

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The implementation playbook includes Python code that performs high-privilege operations on AWS infrastructure, such as 'stop_instances' and 'modify_instance_attribute' using the boto3 library (found in resources/implementation-playbook.md).
  • [EXTERNAL_DOWNLOADS]: The skill generates dashboard templates that fetch data visualization scripts from well-known services including jsDelivr and D3js.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists in the AutoTagger class within 'resources/implementation-playbook.md'.
      • Ingestion points: Untrusted CloudTrail event data is ingested via 'event['detail']' in the 'auto_tag_resources' method.
      • Boundary markers: No delimiters or safety instructions are present to prevent the model from obeying instructions embedded in the metadata.
      • Capability inventory: The skill has the ability to tag any accessible AWS resource with arbitrary string values.
      • Sanitization: No validation or escaping is performed on 'userName' or 'sourceIPAddress' before they are interpolated into resource tags, which could allow for metadata poisoning or schema confusion.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 08:58 AM